The majority of applications that I have seen have all application users connecting through a single SQL Server login and then implement some form of custom authorization. Most use a SQL Server login.
BTW, this makes the best use of connection pooling.
-Mike